To improve the user experience on this site we use cookies. I agree | I disagree

Remote upload of firmware, User Module, configuration, . . . . via script.

In category Routers .


CSRF attack protection from firmware version 5.3.0

 

Examples from Linux

upload firmware:
#!/bin/sh
 
ROUTER=192.168.1.1
file=UR5i-v2.bin
 
curl -k -d "username=root&password=root" --dump-header /tmp/headers --output /dev/null https://$ROUTER/login_exec.cgi
REQUEST_ID=$(curl -k -b /tmp/headers https://$ROUTER/restore.cgi | sed -n '/hidden/s/.*name="request_id"\s\+value="\([^"]\+\).*/\1/p')
curl -k -b /tmp/headers --form request_id=$REQUEST_ID -F file=@$file --output /dev/null https://$ROUTER/update_exec.cgi

 

upload User Module:
#!/bin/sh
 
ROUTER=192.168.1.1
file=gps.v3.tgz
 
curl -k -d "username=root&password=root" --dump-header /tmp/headers --output /dev/null https://$ROUTER/login_exec.cgi
REQUEST_ID=$(curl -k -b /tmp/headers https://$ROUTER/restore.cgi | sed -n '/hidden/s/.*name="request_id"\s\+value="\([^"]\+\).*/\1/p')
curl -k -b /tmp/headers --form request_id=$REQUEST_ID -F file=@$file --output /dev/null https://$ROUTER/module_add.cgi

 

upload configuration:
#!/bin/sh
 
ROUTER=192.168.1.1
file=your_config_file.cfg
 
curl -k -d "username=root&password=root" --dump-header /tmp/headers --output /dev/null https://$ROUTER/login_exec.cgi
REQUEST_ID=$(curl -k -b /tmp/headers https://$ROUTER/restore.cgi | sed -n '/hidden/s/.*name="request_id"\s\+value="\([^"]\+\).*/\1/p')
curl -k -b /tmp/headers --form request_id=$REQUEST_ID -F file=@$file --output /dev/null https://$ROUTER/restore_exec.cgi

 

add user:
#!/bin/sh
 
ROUTER=192.168.1.1
user="test"
password="conel"
 
curl -k -d "username=root&password=root" --dump-header /tmp/headers --output /dev/null https://$ROUTER/login_exec.cgi
REQUEST_ID=$(curl -k -b /tmp/headers https://$ROUTER/user.cgi | sed -n '/hidden/s/.*name="request_id"\s\+value="\([^"]\+\).*/\1/p')
curl -k -b /tmp/headers --form request_id=$REQUEST_ID --form role="1" --form username="$user" --form passwd="$password" --form passwd2="$password" --output /dev/null https://$ROUTER/user_add.cgi

 

remote reboot:
#!/bin/sh
 
ROUTER=10.0.0.228
 
curl -k -d "username=root&password=root" --dump-header /tmp/headers --output /dev/null https://$ROUTER/login_exec.cgi
REQUEST_ID=$(curl -k -b /tmp/headers https://$ROUTER/reboot_exec.cgi | sed -n '/hidden/s/.*name="request_id"\s\+value="\([^"]\+\).*/\1/p')
curl -k -b /tmp/headers --form request_id=$REQUEST_ID -d "button=Reboot" --output /dev/null https://$ROUTER/reboot_exec.cgi

 

 

 

To the FAQ overview